Wcfm – Frontend Manager For Woocommerce CVEs and Security Vulnerabilities

Search

Expected end of text, found '–' (at char 33), (line:1, col:34)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (344662 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-39506	2 Jordy Meow, Wordpress	2 Ai-engine, Wordpress	2026-04-14	4.3 Medium
Missing Authorization vulnerability in Jordy Meow AI Engine (Pro) ai-engine-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AI Engine (Pro): from n/a through < 3.4.2.
CVE-2026-39509	2 Wordpress, Wpwax	2 Wordpress, Directorist	2026-04-14	5.3 Medium
Missing Authorization vulnerability in wpWax Directorist directorist allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Directorist: from n/a through <= 8.5.10.
CVE-2026-39510	2 Wordpress, Wpchill	2 Wordpress, Image Photo Gallery Final Tiles Grid	2026-04-14	2.7 Low
Authorization Bypass Through User-Controlled Key vulnerability in WP Chill Image Photo Gallery Final Tiles Grid final-tiles-grid-gallery-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Photo Gallery Final Tiles Grid: from n/a through <= 3.6.11.
CVE-2026-39520	2 Wedevs, Wordpress	2 Wedocs, Wordpress	2026-04-14	5.3 Medium
Missing Authorization vulnerability in weDevs weDocs wedocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects weDocs: from n/a through <= 2.1.18.
CVE-2026-39521	2 Nelio Software, Wordpress	2 Nelio Content, Wordpress	2026-04-14	4.9 Medium
Server-Side Request Forgery (SSRF) vulnerability in Nelio Software Nelio Content nelio-content allows Server Side Request Forgery.This issue affects Nelio Content: from n/a through <= 4.3.1.
CVE-2026-39535	2 Fullworks, Wordpress	2 Display Eventbrite Events, Wordpress	2026-04-14	5.3 Medium
Missing Authorization vulnerability in fullworks Display Eventbrite Events widget-for-eventbrite-api allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Display Eventbrite Events: from n/a through <= 6.5.6.
CVE-2026-39536	2 Wordpress, Wpchill	2 Wordpress, Rsvp And Event Management	2026-04-14	5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WP Chill RSVP and Event Management rsvp allows Retrieve Embedded Sensitive Data.This issue affects RSVP and Event Management: from n/a through <= 2.7.16.
CVE-2026-39562	2 Boldgrid, Wordpress	2 Client Invoicing By Sprout Invoices, Wordpress	2026-04-14	5.3 Medium
Missing Authorization vulnerability in BoldGrid Client Invoicing by Sprout Invoices sprout-invoices allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Client Invoicing by Sprout Invoices: from n/a through <= 20.8.10.
CVE-2026-39571	2 Themefic, Wordpress	2 Instantio, Wordpress	2026-04-14	5.3 Medium
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Themefic Instantio instantio allows Retrieve Embedded Sensitive Data.This issue affects Instantio: from n/a through <= 3.3.30.
CVE-2026-39585	2 Arraytics, Wordpress	2 Booktics, Wordpress	2026-04-14	5.3 Medium
Missing Authorization vulnerability in Arraytics Booktics booktics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Booktics: from n/a through <= 1.0.16.
CVE-2026-39586	2 Ateeq Rafeeq, Wordpress	2 Repairbuddy, Wordpress	2026-04-14	5.3 Medium
Insertion of Sensitive Information Into Sent Data vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Retrieve Embedded Sensitive Data.This issue affects RepairBuddy: from n/a through <= 4.1132.
CVE-2026-39588	2 Nmerii, Wordpress	2 Nm Gift Registry And Wishlist Lite, Wordpress	2026-04-14	5.3 Medium
Missing Authorization vulnerability in nmerii NM Gift Registry and Wishlist Lite nm-gift-registry-and-wishlist-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects NM Gift Registry and Wishlist Lite: from n/a through <= 5.13.
CVE-2026-39602	2 Rustaurius, Wordpress	2 Order Tracking, Wordpress	2026-04-14	N/A
Missing Authorization vulnerability in Rustaurius Order Tracking order-tracking allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Tracking: from n/a through <= 3.4.3.
CVE-2026-39604	2 Wordpress, Zookatron	2 Wordpress, Mybooktable Bookstore	2026-04-14	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zookatron MyBookTable Bookstore mybooktable allows Stored XSS.This issue affects MyBookTable Bookstore: from n/a through <= 3.6.0.
CVE-2026-39606	2 Foysal Imran, Wordpress	2 Bizreview, Wordpress	2026-04-14	5.3 Medium
Missing Authorization vulnerability in Foysal Imran BizReview bizreview allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizReview: from n/a through <= 1.5.13.
CVE-2026-39608	2 Ipospays, Wordpress	2 Ipospays Gateways Wc, Wordpress	2026-04-14	5.3 Medium
Missing Authorization vulnerability in iPOSPays iPOSpays Gateways WC ipospays-gateways-wc allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects iPOSpays Gateways WC: from n/a through <= 1.3.7.
CVE-2026-39610	2 Pankaj Kumar, Wordpress	2 Wpxmas-snow, Wordpress	2026-04-14	5.3 Medium
Missing Authorization vulnerability in Pankaj Kumar WpXmas-Snow wpxmas-snow allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpXmas-Snow: from n/a through <= 1.1.
CVE-2026-39612	2 Kutethemes, Wordpress	2 Kuteshop, Wordpress	2026-04-14	5.3 Medium
Missing Authorization vulnerability in kutethemes KuteShop kuteshop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KuteShop: from n/a through <= 4.2.9.
CVE-2026-5908	4 Apple, Google, Linux and 1 more	4 Macos, Chrome, Linux Kernel and 1 more	2026-04-14	8.8 High
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)
CVE-2026-5909	4 Apple, Google, Linux and 1 more	4 Macos, Chrome, Linux Kernel and 1 more	2026-04-14	8.8 High
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)

« first previous Page 33 of 17234. next last »